VARIoT IoT vulnerabilities database


VAR-201905-1351 No CVE xp-builder has a memory corruption vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
xp-builder is an XGT HMI editing software. There is a memory corruption vulnerability when xp-builder processes xpd project files. Attackers can use this vulnerability to execute malicious code on user systems
VAR-201905-1337 No CVE SKTOOL has a memory corruption vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
SKTOOL is a configuration software produced by Shenzhen Xiankong Technology Co., Ltd. SKTOOL has a memory corruption vulnerability when processing skm project files. Attackers can use this vulnerability to gain control of the user system or crash the program
VAR-201905-1352 No CVE Memory corruption vulnerability in LSIS configuration software CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
LSIS configuration software is a configuration software of Lexing Power Generation (Wuxi) Co., Ltd. A memory corruption vulnerability exists in the LSIS configuration software when processing mce project files. Attackers can use this vulnerability to execute malicious code
VAR-201905-1436 No CVE DoS Vulnerability in Hitachi IT Operations Director, JP1/IT Desktop Management - Manager and JP1/IT Desktop Management 2 - Manager CVSS V2: -
CVSS V3: -
Severity: -
A DoS Vulnerability was found in Hitachi IT Operations Director, JP1/IT Desktop Management - Manager and JP1/IT Desktop Management 2 - Manager. Regarding the impact of the vulnerability, please refer to the vendor advisory.
VAR-201905-1299 CVE-2019-12167 Emerson Network Power Liebert Challenger Device cross-site scripting vulnerability CVSS V2: 4.3
CVSS V3: 6.1
Severity: MEDIUM
httpGetSet/httpGet.htm on Emerson Network Power Liebert Challenger 5.1E0.5 devices allows XSS via the statusstr parameter. An attacker may leverage this issue to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks. Liebert Challenger 5.1E0.5 is vulnerable; other versions may also be affected. The vulnerability stems from the lack of correct validation of client data in WEB applications. An attacker could exploit this vulnerability to execute client code
VAR-201905-1432 No CVE There are binary loopholes between Xiaomi Xiaoai MINI smart speaker and Xiaomi Xiaoai AI smart speaker voice device CVSS V2: 5.0
CVSS V3: -
Severity: MEDIUM
Xiaomi Xiaoai MINI smart speaker and Xiaomi Xiaoai AI smart speaker are both smart speaker products produced by Xiaomi Technology. There is a binary vulnerability in the Xiaomi Xiaoai MINI smart speaker and Xiaomi Xiaoai AI smart speaker voice devices. Attackers can use this vulnerability to obtain the user's voice content.
VAR-201905-0005 CVE-2019-4293 IBM Storwize V7000 Unified Information Disclosure Vulnerability CVSS V2: 5.0
CVSS V3: 5.3
Severity: MEDIUM
IBM Storwize V7000 Unified (2073) 1.6 configuration may allow an attacker to reveal the server version in default installation, which could be used in further attacks against the system. IBM X-Force ID: 160699. IBM Storwize V7000 Unified contains an information disclosure vulnerability. The vendor has published this vulnerability as IBM X-Force ID: 160699. Information may be obtained. IBM Storwize V7000 Unified is a virtualized storage device from IBM Corporation of the United States. Attackers can exploit this issue to obtain sensitive information that may lead to further attacks.
VAR-201906-0680 CVE-2019-11983 HPE Integrated Lights-Out 4 and Integrated Lights-Out 5 Buffer error vulnerability CVSS V2: 8.3
CVSS V3: 7.0
Severity: HIGH
A remote buffer overflow vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. HP Integrated Lights-Out is prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability; 2. Multiple unspecified cross-site scripting vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks, or to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. This solution enables remote monitoring and operation and maintenance of IT assets such as servers. This vulnerability stems from the incorrect verification of data boundaries when the network system or product performs operations on the memory, resulting in incorrect read and write operations to other associated memory locations. Attackers can exploit this vulnerability to cause buffer overflow or heap overflow, etc.
VAR-201906-0679 CVE-2019-11982 HPE Integrated Lights-Out 4 and Integrated Lights-Out 5 Vulnerable to cross-site scripting CVSS V2: 7.6
CVSS V3: 8.3
Severity: HIGH
A remote cross-site scripting vulnerability was identified in HPE Integrated Lights-Out 4 (iLO 4) earlier than v2.61b for Gen9 servers and Integrated Lights-Out 5 (iLO 5) for Gen10 Servers earlier than version v1.39. HP Integrated Lights-Out is prone to the following security vulnerabilities: 1. A buffer-overflow vulnerability; 2. Multiple unspecified cross-site scripting vulnerabilities. An attacker can exploit these issues to execute arbitrary script code in the browser of an unsuspecting user in the context of the affected site. This may allow the attacker to steal cookie-based authentication credentials and launch other attacks, or to execute arbitrary code in the context of the user running the affected application. Failed exploit attempts will likely result in denial-of-service conditions. HPE Integrated Lights-Out is a set of remote control solutions from Hewlett Packard Enterprise (HPE). This solution enables remote monitoring and operation and maintenance of IT assets such as servers. The vulnerability stems from the lack of correct validation of client data in web applications. An attacker could exploit this vulnerability to execute client code.
VAR-201905-1300 CVE-2019-12168 Four-Faith Wireless Mobile Router F3x24 Command injection vulnerability in devices CVSS V2: 9.0
CVSS V3: 7.2
Severity: HIGH
Four-Faith Wireless Mobile Router F3x24 v1.0 devices allow remote code execution via the Command Shell (aka Administration > Commands) screen. The Four-Faith Wireless Mobile Router F3x24 device contains a command injection vulnerability. Information may be obtained or altered, and service operation may be disrupted (DoS). The Four-Faith Wireless Mobile Router F3x24 is a portable wireless mobile router from China's Four-Faith. A code execution vulnerability exists in the Four-Faith Wireless Mobile Router F3x24 v1.0 release, which can be exploited by a remote attacker using the Command Shell interface.
VAR-201905-1346 No CVE DLL hijacking vulnerability in INVT PanelSim CVSS V2: 7.2
CVSS V3: -
Severity: HIGH
Shenzhen INVT Electric Co., Ltd. is specialized in the fields of industrial automation and energy power. DLL hijacking vulnerability exists in INVT PanelSim when processing pl3 project files. Attackers can use the vulnerability to load malicious DLLs and execute malicious code
VAR-201905-1342 No CVE KUNBUS-GW Ethernet / IP Denial of Service Vulnerability CVSS V2: 4.9
CVSS V3: -
Severity: MEDIUM
KUNBUS-GW Ethernet / IP is a programmable logic controller (PLC), which provides an integrated ControlNet communication port and two integrated Ethernet interfaces. There is a denial of service vulnerability in KUNBUS-GW Ethernet / IP. An attacker can use this vulnerability to bring down the device by sending a specific ARP protocol packet.
VAR-201905-1078 CVE-2019-11057 Vtiger CRM In SQL Injection vulnerability CVSS V2: 6.5
CVSS V3: 8.8
Severity: HIGH
SQL injection vulnerability in Vtiger CRM before 7.1.0 hotfix3 allows authenticated users to execute arbitrary SQL commands. Vtiger CRM is a customer relationship management system (CRM) based on SugarCRM developed by American Vtiger Company. The management system provides functions such as management, collection, and analysis of customer information. The vulnerability stems from the lack of verification of externally input SQL statements in database-based applications
VAR-201906-0355 CVE-2019-5215 Huawei P30 Smartphone and P30 Pro Input validation vulnerability CVSS V2: 4.3
CVSS V3: 6.8
Severity: MEDIUM
There is a man-in-the-middle (MITM) vulnerability on Huawei P30 smartphones versions before ELE-AL00 9.1.0.162(C01E160R1P12/C01E160R2P1), and P30 Pro versions before VOG-AL00 9.1.0.162 (C01E160R1P12/C01E160R2P1). When users establish a connection and transfer data through Huawei Share, an attacker could sniff, spoof and do a series of operations to intrude on the Huawei Share connection and launch a man-in-the-middle attack to obtain and tamper with the data. (Vulnerability ID: HWPSIRT-2019-03109)
VAR-201905-1170 CVE-2019-0086 Intel(R) CSME and TXE for Dynamic Application Loader Vulnerability related to authorization, authority, and access control in software CVSS V2: 4.6
CVSS V3: 7.8
Severity: HIGH
Insufficient access control vulnerability in Dynamic Application Loader software for Intel(R) CSME before versions 11.8.65, 11.11.65, 11.22.65, 12.0.35 and Intel(R) TXE 3.1.65, 4.0.15 may allow an unprivileged user to potentially enable escalation of privilege via local access. Both Intel Converged Security and Management Engine (CSME) and Intel TXE are products of Intel Corporation of the United States. Intel Converged Security and Management Engine is a security management engine. Intel TXE is a trusted execution engine with hardware authentication function used in CPU (Central Processing Unit). The vulnerability stems from the lack of effective permissions and access control measures in network systems or products. The following products and versions are affected: Intel CSME versions before 11.8.65, versions before 11.11.65, versions before 11.22.65, versions before 12.0.35; Intel TXE versions 3.1.65 and 4.0.15
VAR-201906-0817 CVE-2018-13381 Fortinet FortiOS Buffer error vulnerability CVSS V2: 5.0
CVSS V3: 7.5
Severity: HIGH
A buffer overflow vulnerability in Fortinet FortiOS 6.0.0 through 6.0.4, 5.6.0 through 5.6.7, 5.4 and earlier versions and FortiProxy 2.0.0, 1.2.8 and earlier versions under SSL VPN web portal allows a non-authenticated attacker to perform a denial-of-service attack via specially crafted message payloads. Fortinet FortiOS contains a buffer error vulnerability. A denial-of-service (DoS) condition may result. Fortinet FortiOS is a set of Fortinet security operating systems dedicated to the FortiGate network security platform. The system provides users with multiple security features such as firewall, anti-virus, IPSec/SSL VPN, web content filtering and anti-spam. A buffer overflow vulnerability exists in Fortinet FortiOS versions 6.0.0 to 6.0.4, 5.6.0 to 5.6.7, and 5.4 and earlier. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow. Fortinet FortiOS is prone to a buffer-overflow vulnerability. Attackers can exploit this issue to cause denial-of-service conditions. The following versions are vulnerable: FortiOS 6.0.0 through 6.0.4; FortiOS 5.6.0 through 5.6.7; FortiOS 5.4 and prior.
VAR-201906-0201 CVE-2019-5587 Fortinet FortiOS VM Application input validation vulnerability CVSS V2: 4.0
CVSS V3: 6.5
Severity: MEDIUM
Lack of root file system integrity checking in Fortinet FortiOS VM application images all versions below 6.0.5 may allow an attacker to implant malicious programs into the installing image by reassembling the image through specific methods. The Fortinet FortiOS VM application contains an input validation vulnerability. Information may be tampered with. Fortinet FortiOS VM is prone to a local security-bypass vulnerability. Attackers can exploit this issue to bypass certain security restrictions to perform unauthorized actions. This may aid in further attacks. Versions prior to FortiOS VM 6.0.5 are vulnerable. Fortinet FortiOS VM is a security operating system running on a virtualization platform developed by Fortinet. The system provides users with various security functions such as firewall, anti-virus, IPSec/SSL VPN, web content filtering and anti-spam. The vulnerability is caused by the lack of integrity checks in the program. An attacker could exploit this vulnerability to execute unauthorized code or commands.
VAR-201905-0866 CVE-2019-0172 Android for Intel Unite(R) Client Vulnerabilities related to authorization, permissions, and access control CVSS V2: 7.5
CVSS V3: 9.8
Severity: CRITICAL
A logic issue in Intel Unite(R) Client for Android prior to version 4.0 may allow a remote attacker to potentially enable escalation of privilege via network access. Intel Unite(R) Client for Android contains vulnerabilities related to authorization, permissions, and access control. Information may be obtained or altered, and service operation may be disrupted (DoS). There is a security vulnerability in versions of Intel Unite(R) Client prior to 4.0 based on the Android platform. A remote attacker could exploit this vulnerability to elevate privileges.
VAR-201907-1444 CVE-2019-10975 Fuji Electric Alpha7 PC Loader Buffer Overflow Vulnerability CVSS V2: 3.3
CVSS V3: 6.6
Severity: MEDIUM
An out-of-bounds read vulnerability has been identified in Fuji Electric Alpha7 PC Loader Versions 1.1 and prior, which may crash the system. User interaction is required to exploit this vulnerability in that the target must visit a malicious page or open a malicious file. The specific flaw exists within the parsing of A7P files. The issue results from the lack of proper validation of user-supplied data, which can result in a read past the end of an allocated buffer. An attacker can leverage this in conjunction with other vulnerabilities to execute arbitrary code in the context of the Administrator. The vulnerability stems from a network system or product that does not properly validate data boundaries when performing operations on memory, causing erroneous read and write operations to be performed on other associated memory locations. An attacker could exploit the vulnerability to cause a buffer overflow or heap overflow. Successfully exploiting this issue allows an attacker to crash the affected application, denying service to legitimate users.
VAR-201910-0323 CVE-2019-9699 Symantec Messaging Gateway Vulnerable to information disclosure CVSS V2: 2.7
CVSS V3: 4.5
Severity: MEDIUM
Symantec Messaging Gateway (prior to 10.7.0), may be susceptible to an information disclosure issue, which is a type of vulnerability that could potentially allow unauthorized access to data. Attackers can exploit this issue to obtain sensitive information that may aid in launching further attacks. The product includes features such as antispam, antivirus, advanced content filtering, and data loss prevention. This vulnerability stems from configuration errors in network systems or products during operation